Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 573160 (CVE-2016-2090) - <dev-libs/libbsd-0.8.2: Buffer overflow in fgetwln (CVE-2016-2090)
Summary: <dev-libs/libbsd-0.8.2: Buffer overflow in fgetwln (CVE-2016-2090)
Alias: CVE-2016-2090
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: B2 [glsa]
Depends on:
Reported: 2016-01-27 22:00 UTC by Hanno Böck
Modified: 2016-07-20 11:22 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Hanno Böck gentoo-dev 2016-01-27 22:00:45 UTC
I have found a buffer overflow in libbsd. Upstream has released 0.8.2 today to fix it.

I think the affected function is rarely used, so I assume impact is relatively limited.

Upstream commit with explanation:

Please bump.
Comment 1 Manuel Rüger (RETIRED) gentoo-dev 2016-02-06 14:10:19 UTC
Added 0.8.2 which includes a fix for this.

Arches please test and stablize.
Comment 2 Tobias Klausmann (RETIRED) gentoo-dev 2016-02-09 11:57:32 UTC
Stable on alpha.
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2016-02-10 12:53:25 UTC
Stable for HPPA.
Comment 4 Agostino Sarubbo gentoo-dev 2016-02-11 12:28:34 UTC
amd64 stable
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2016-02-13 08:22:13 UTC
Stable for PPC64.
Comment 6 Markus Meier gentoo-dev 2016-02-14 17:21:53 UTC
arm stable
Comment 7 Agostino Sarubbo gentoo-dev 2016-03-15 16:39:42 UTC
x86 stable
Comment 8 Agostino Sarubbo gentoo-dev 2016-03-16 12:06:13 UTC
ppc stable
Comment 9 Agostino Sarubbo gentoo-dev 2016-03-19 11:36:15 UTC
sparc stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2016-03-19 13:06:27 UTC
CVE-2016-2090 (
  libbsd 0.8.1 and earlier contains a buffer overflow in the function
  fgetwln(). An if checks if it is necessary to reallocate memory in the
  target buffer. However this check is off by one, therefore an out of
  bounds write happens.
Comment 11 Aaron Bauman (RETIRED) gentoo-dev 2016-03-19 13:11:17 UTC
GLSA opened.
Comment 12 Aaron Bauman (RETIRED) gentoo-dev 2016-03-24 06:57:00 UTC
@maintainers, still pending cleanup of vulnerable ebuilds.  Please let us know when complete or if you are unable to at this time.  Thanks.
Comment 13 Michael Palimaka (kensington) gentoo-dev 2016-03-24 11:32:10 UTC
Cleanup done.
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2016-07-20 11:22:16 UTC
This issue was resolved and addressed in
 GLSA 201607-13 at
by GLSA coordinator Aaron Bauman (b-man).